RE: access policies--
- From: "Quillman Shawn (RBNA/CIT1.1)" <Shawn.Quillman@xxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 24 Jan 2003 13:11:32 -0500
Best thing is to allow by user\group. That way you have complete control
over who gets access. (That on top of the fact that you do have to
specifically allow something with policy in order to grant access.)
-Shawn
-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CIT1.1
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-2855 (F)
shawn.quillman@xxxxxxxxxxxx
-----Original Message-----
From: Jill Ray [mailto:jill@xxxxxxxxxxxxxxx]
Sent: Friday, January 24, 2003 12:57 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] access policies--
http://www.ISAserver.org
When authenticating by user, it is better to assign policies by
1. denying all first, then allowing by user/group
2. allowing all first, then denying by user/group
Is one trickier than the other?
Thanks in advance for your help,
Jill
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
